From: Evgeniy Khramtsov <ekhramtsov@process-one.net>
Date: Sun, 2 Aug 2015 11:47:06 +0000 (+0300)
Subject: Do not crash SIP authentication on SCRAMed passwords
X-Git-Tag: 15.09~94
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f37799223209e428310017829129dbf7f986bb1e;p=ejabberd

Do not crash SIP authentication on SCRAMed passwords
---

diff --git a/src/mod_sip.erl b/src/mod_sip.erl
index 7e7d2f307..4827e0c3b 100644
--- a/src/mod_sip.erl
+++ b/src/mod_sip.erl
@@ -263,8 +263,12 @@ check_auth(#sip{method = Method, hdrs = Hdrs, body = Body}, AuthHdr, _SIPSock) -
 	    case ejabberd_auth:get_password_s(LUser, LServer) of
 		<<"">> ->
 		    false;
-		Password ->
-		    esip:check_auth(Auth, Method, Body, Password)
+		Password when is_binary(Password) ->
+		    esip:check_auth(Auth, Method, Body, Password);
+		_ScramedPassword ->
+		    ?ERROR_MSG("unable to authenticate ~s@~s against SCRAM'ed "
+			       "password", [LUser, LServer]),
+		    false
 	    end;
         [] ->
             false